Authentication with biometric data, e.g., speech, a fingerprint, iris appearance is an alternative to conventional passwords. The biometric data do not need to be remembered memorized, and are difficult to replicate.
Fingerprints are one of the most common sources of biometric data for authentication. During authentication, discriminative features from an enrolment fingerprint are compared with features from a probe fingerprint. However, many conventional fingerprint-based authentication systems assume that the features determined from the enrolment biometrics are stored in an unencrypted form in a biometric database connected to the access control device.
This assumption can pose a security risk when the features form the enrolment and probe fingerprints are encrypted. Encryption ensures that an adversary who compromises the database cannot discover the fingerprint features of enrolled users. However, for such systems, the access control device must perform the comparison of the probe features and the enrolment features in an encrypted domain.
Most of the methods for comparison of encrypted biometric features have some common characteristics. The feature extraction process generates feature vectors with predetermined lengths, which facilitates comparison of the biometric features based on distances between the vectors. Secure and nearly real-time protocols for determining distance metrics such as Euclidean. Hamming and absolute distances are known.
To guarantee accurate biometric, matching, alignment must be performed between the enrolment and probe fingerprints prior to feature extraction. Typically, the unencrypted alignment parameters, such as the locations of high curvature points on the enrolment fingerprint, are used for the alignment, see, e.g., U.S. Patent Document 2011/0133567. These alignment parameters allow the access control device to align the probe fingerprint to the enrolment fingerprint before extracting probe features and comparing the probe features with the enrolment features in the encrypted domain. However, storing unencrypted alignment parameters poses a security risk.
The above characteristics impose constraints on the design of the access control system. A fixed-length feature representation reduces the flexibility of the feature comparing because such representation cannot accommodate, for example, feature matching from fingerprint images that have been cropped or fingerprints that produce a small number minutiae. The unencrypted alignment information may allow the adversary to guess whether a fingerprint contains core, or tent or delta structures, thereby simplifying the vectors that can be used to attack the system.
Accordingly, there is a need for a fingerprint feature extraction and biometric authentication method suitable for biometric authentication in the encrypted domain, which enables enrolment and probe features to have different lengths, and does not require explicit alignment, thus removing the need to store unencrypted alignment parameters.